10 biggest cyber attacks of all time
In the age of internet cybersecurity is the most important thing a internet user should care about because from food ordering to handling money everything is now done online.
In this article we will see how some small mistakes of companies and organisations led them to became a victim of cyber attacks which compromise them personal data and millions of dollars.
In this article I have explained 10 biggest cyber attacks of all time.
1. Nasa cyber attack
The attack on nasa was done by a 15 year old teenager named Jonathan James in 1999.
Jonathan James- the first juvenile to be sentenced federally to a term of confinement for computer hacking.
His father was a computer engineer and mother was a teacher, because of his father's job he got access to computers from a very early age, from the age of 6 he started to play games in his father's computers.
James’s parents were quickly realised that their son was spending too much time in front of the computer screen and tried to impose restrictions, which eventually James bypassed using his hacking “charisma” from a very young age.
During his teen years he got obsessed with computers and mostly obsessed with finding bugs and bypassing security in computers.
He learned most of his hacking skills from internet by watching tutorials and talking to different hackers.
In June 1999, he was looking for vulnerable servers to connect by bypassing their firewalls.
When he found one in Huntsville, Alabama, he went on and installed malware on it. He managed to escalate his privileges into the system, and then pivoted to another 13 computers on the compromised network.
The network comprised surprisingly belonged to a unit NASA, the Marshall Space Flight Center, located in Huntsville, Alabama. The unit has a lot of importance for NASA as it is the place where they develop and test rocket engines as well as communication systems for the ISS (International Space Station).
2. Sony's PlayStation cyberattack
In April of year 2011, the PlayStation Network (PSN), Sony's online gaming service, suffered a significant security breach. The attack resulted in the theft of personal information from millions of PSN users, including names, addresses, email addresses, and potentially even credit card details.
As a result of the breach, Sony shut down the PSN for almost a month to investigate the incident, enhance security measures, and rebuild its network infrastructure. The attack had a significant impact on Sony's reputation and resulted in various legal consequences and financial losses for the company.
3. Ukraine's powergrid attack
In December 2015, a group of hackers attacked three powergrid of ukraine.
They used malwares to perform attack and gained control on systems. This result in power outage which affected almost 2,25,000 customers for several hours.
In December 2016, another attack occurred, known as the "December BlackEnergy Attack." It targeted a different set of power distribution companies in Ukraine, using similar tactics. This attack caused power outages in multiple regions of the country, impacting tens of thousands of customers.
4. Colonial pipeline ransomware attack
The colonial pipeline a major pipeline in United States, it mainly transports gasoline, diesel and jet files.
In May 2021, a group of hackers named DarkSide gained unauthorised access to colonial pipeline's computers and inject ransomwares. Due to this attack the colonial pipeline had to be shut down for prevention of further system and infrastructure.
The colonial pipeline carries nearly 45% of total fuels to east coast which is an important part of country's infrastructure.
Because of the shutdown of the pipeline, the east cost have to suffer with a big oil crises.
They engage FBI and cyber experts to investigate the case.
Also they had to pay attackers 4.4 million dollars in bitcoins in the exchange for safety of their infrastructure.
5. Yahoo attack
The cyber attack on Yahoo in 2013 and 2014 are one the world's biggest cyber attacks.
The attack compromised personal details of approximately 3 billion Yahoo users.
The attackers stole critical data of users such as name, email, passwords, security questions, etc. Which was later used for many illegal activities such as identity theft, phising attacks.
6. Log4j vulnerability
The Log4j vulnerability, also known as CVE-2021-44228 or Log4Shell, is a critical security flaw that was discovered in December 2021. Log4j is a popular Java-based logging library used in numerous applications and software frameworks.
The vulnerability allows attackers to execute arbitrary code remotely by exploiting the log4j library's use of dynamic log formatting. It is considered highly severe because it can be exploited through various vectors, including maliciously crafted log messages, HTTP requests, JNDI lookups, and more.
When the vulnerability was disclosed, it raised significant concerns due to the widespread usage of Log4j across different industries and applications. It affected numerous organizations, including government agencies, financial institutions, and large corporations.
7. 2016 Indian banks data breach
The 2016 Indian banks data breach was reported in October 2016.
This was the largest data breach in India which compromised almost 3.2 million credit debit details, the attackers inject malwares in the bank systems.
The malwares was designed like that it was able to work undetected and had concealed it's track.
8. Estonia cyber attack
The Estonia cyber attack was reported in 2007. In 2007, Estonia experienced a series of cyber attacks on its government institutions, medical system, education system, businesses, etc.
The cyber attacks on Estonia were triggered by the relocation of a Soviet-era war memorial, the Bronze Soldier of Tallinn, which sparked widespread protests and tensions between Estonia and Russia.
The attacks began with distributed denial-of-service (DDoS) attacks, which overwhelmed Estonian websites and disrupted online services. This made it difficult for Estonian citizens, businesses, and government entities to access essential services and information.
The attacks on Estonia act as a wake-up call for government to focus on their cybersecurity systems and develop a better infrastructure.
9. Wannacry ransomware attack
The wannacry ransomware attack was a cyber attack on computers running windows os called Eternalblue.
This cyber attack was performed in May 2017.
The ransomware spread rapidly by exploiting this vulnerability and encrypting files on infected computers. It then demanded a ransom payment in Bitcoin to unlock the encrypted data.
The attack affected many organisations including government institutions, healthcare system, education systems, etc.
Following the attack, a collaborative effort by cybersecurity experts and law enforcement agencies helped to slow down the spread of WannaCry and mitigate its impact. However, it also served as a reminder of the ongoing threat posed by ransomware and the importance of proactive cybersecurity measures.
10. Adobe cyber attack
In 2013, Adobe reported a cyber attack which compromised with customers critical data which was stored on Adobe servers, the attackers also gained the access to the codes of some of the products of Adobe like Acrobat and Coldfusion.
The data breach had affected a large number of individuals and organisations for their data, it raise the concern of safety of personal data and shows the importance of cybersecurity measures and data protection practices.
.png)
.png)
No comments:
Post a Comment